A reflected cross-site scripting (XSS) in ScratchOAuth2 before commit 1603f04e44ef67dde6ccffe866d2dca16defb293 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.
CPE | Name | Operator | Version |
---|---|---|---|
scratchoauth2 | eq | < 2021412 |